Public ASP.NET Keys Compromise Thousands of Web Applications
Microsoft has identified a new hacker group exploiting publicly available static ASP.NET keys to inject malicious code. Attackers have attempted to use this technique to deploy the Godzilla framework through the ViewState mechanism.
️ Security researchers have discovered over 3,000 public keys that could be leveraged for attacks on web applications. Unlike previous threats that relied on stolen keys, this new attack vector is even more dangerous because developers may inadvertently include these public keys in their code.
🛡 If successful, attackers can gain remote code execution (RCE) on IIS servers by manipulating ViewState. Microsoft warns that simply rotating compromised keys won’t be enough, as threat actors may have already established persistence within affected sys
tems.
Public ASP.NET Keys Compromise Thousands of Web Applications
Microsoft has identified a new hacker group exploiting publicly available static ASP.NET keys to inject malicious code. Attackers have attempted to use this technique to deploy the Godzilla framework through the ViewState mechanism.️ Security researchers have discovered over 3,000 public keys that could be leveraged for attacks on web applications. Unlike previous threats that relied on stolen keys, this new attack vector is even more dangerous because developers may inadvertently include these public keys in their code.
